5 matches found
phpPass 2 AccessControl.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6594/info A problem with phpPass may allow an attacker to launch a SQL injection attack. The vulnerability exists in the accesscontrol.php script included with phpPass. Due to insufficient sanitization of user-supplied...
CVE-2003-1533
CVE-2003-1533 affects PhpPass 2, where accesscontrol.php is vulnerable to SQL injection via the uid and pwd parameters. The underlying issue allows remote attackers to craft inputs that alter SQL queries, enabling arbitrary SQL execution. Documented impact indicates potential enablement of unauth...
CVE-2003-1533
SQL injection vulnerability in accesscontrol.php in PhpPass 2 allows remote attackers to execute arbitrary SQL commands via the 1 uid and 2 pwd parameters...
CVE-2005-2637
Multiple SQL injection vulnerabilities in PHPFreeNews 1.40 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 Match or 2 CatID parameter to SearchResults.php, or 3 the password to AccessControl.php...
CVE-2005-2637
Multiple SQL injection vulnerabilities in PHPFreeNews 1.40 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 Match or 2 CatID parameter to SearchResults.php, or 3 the password to AccessControl.php...